Secure and Reliable Distributed Health Records: Achieving Query Assurance across Repositories of Encrypted Health Data

Future health information system architectures will intrinsically include distributed systems and data repositories across multiple organizations. As such it will become more important to provide a high level of query quality assurance for the organizations utilizing these distributed and shared data repositories. Query assurance is defined as the data source accurately responding to queries by meeting the requirements of correctness, completeness and freshness. Secure and private health information is a necessity and as one of the significant threats to this security is from insider activities, it will often be desirable that electronic health information be stored in an encrypted format to provide data confidentiality. Providing data confidentially and query assurance within the same approach will be a necessity, while simultaneously ensuring the usability of the health information is not substantially diminished. In this paper, we present a query assurance model that implements the three requirements of query assurance across sources of searchable encrypted data. Further, we consider the issue of freshness and data persistence in a multiple data-owner environment. This is a novel contribution to query assurance and one driven by and increasingly important in the specific context of emerging distributed health information systems. The approach is tested against a large dataset of Continuity of Care Records (CCR) in a key-value store and evaluation results are presented.